/*
 * MIT License
 *
 * Copyright (c) 2025 Mark·虎
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 *
 */

package com.hsxxherp.key.support.rbac.controller;

import com.hsxxherp.key.common.util.PasswordUtil;
import com.hsxxherp.key.support.rbac.entity.SysAccount;
import com.hsxxherp.key.support.rbac.request.LoginRequest;
import com.hsxxherp.key.support.rbac.request.RegisterAccountRequest;
import com.hsxxherp.key.support.rbac.service.ISysAccountService;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;

/**
 * 账号控制器
 *
 * @author Mark·虎克（2486970363@qq.com）
 */
public class AccountController {

    private ISysAccountService accountService;

    public AccountController(ISysAccountService accountService) {
        this.accountService = accountService;
    }

    /**
     * 账户注册
     *
     * @param request 注册请求对象
     * @return 注册结果响应
     */
    @PostMapping("/register")
    public ResponseEntity<String> register(@RequestBody RegisterAccountRequest request) {
        String username = request.getUsername();
        String password = request.getPassword();
        String email = request.getEmail();
        String phoneNumber = request.getPhoneNumber();

        // 检查账户是否已存在
//        SysAccount existingAccount = accountService.findByCode(code);
//        if (existingAccount != null) {
//            return new ResponseEntity<>("账户已存在", HttpStatus.BAD_REQUEST);
//        }

        String encryptedPassword = PasswordUtil.encryptPassword(password);

        // 创建新账户
        SysAccount newAccount = new SysAccount();
        newAccount.setUsername(username);
        newAccount.setPassword(encryptedPassword);
        newAccount.setAccountStatus(1);
        newAccount.setEmail(email);
        newAccount.setPhoneNumber(phoneNumber);

        // 保存账户信息
        boolean saved = accountService.save(newAccount);
        if (saved) {
            return new ResponseEntity<>("注册成功", HttpStatus.CREATED);
        } else {
            return new ResponseEntity<>("注册失败", HttpStatus.INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * 账户登录
     *
     * @param request 登录请求对象
     * @return 登录结果响应
     */
    @PostMapping("/login")
    public ResponseEntity<String> login(@RequestBody LoginRequest request) {
        String code = request.getCode();
        String password = request.getPassword();

        SysAccount account = (SysAccount) accountService.findByCode(code);
        if (account == null) {
            return new ResponseEntity<>("账户不存在", HttpStatus.NOT_FOUND);
        }

        // 验证密码
        boolean isPasswordValid = PasswordUtil.verifyPassword(password, account.getPassword());
        if (!isPasswordValid) {
            return new ResponseEntity<>("密码错误", HttpStatus.UNAUTHORIZED);
        }

        // 检查账户状态
        if (account.getAccountStatus() != 1) {
            return new ResponseEntity<>("账户状态异常，无法登录", HttpStatus.FORBIDDEN);
        }

        // 登录逻辑，这里假设使用 SA-Token 进行登录
        // StpUtil.login(account.getId());
        return new ResponseEntity<>("登录成功", HttpStatus.OK);
    }

    /**
     * 重置密码
     *
     * @return 重置结果响应
     */
    @PostMapping("/resetPassword")
    public ResponseEntity<String> resetPassword() {
//        String code = request.getCode();
//        String oldPassword = request.getOldPassword();
//        String newPassword = request.getNewPassword();
//
//        SysAccount account = accountService.findByCode(code);
//        if (account == null) {
//            return new ResponseEntity<>("账户不存在", HttpStatus.NOT_FOUND);
//        }
//
//        // 验证旧密码
//        boolean isOldPasswordValid = PasswordUtil.verifyPassword(oldPassword, account.getPassword());
//        if (!isOldPasswordValid) {
//            return new ResponseEntity<>("旧密码错误", HttpStatus.UNAUTHORIZED);
//        }
//
//        // 加密新密码
//        String newEncryptedPassword = PasswordUtil.encryptPassword(newPassword);
//        account.setPassword(newEncryptedPassword);
//
//        // 更新账户信息
//        boolean updated = accountService.updateById(account);
//        if (updated) {
//            return new ResponseEntity<>("密码重置成功", HttpStatus.OK);
//        } else {
//            return new ResponseEntity<>("密码重置失败", HttpStatus.INTERNAL_SERVER_ERROR);
//        }
        return null;
    }
}
